Category

Internet Governance

LINX Join the MANRS IXP Programme

By | Internet Governance, LINX Governance, LINX News, News

Today the London Internet Exchange announced that it has joined the MANRS IXP Programme and will be supporting the MANRS initiative.

MANRS (Mutually Agreed Norms for Routing Security) was created by members of the network operator community as an initiative to promote good practices in routing security. Weaknesses in routing security can lead to route leaks, IP address spoofing and even route hijacks, facilitating DDoS, traffic inspection and other security breaches. MANRS provides crucial fixes to reduce the most common routing threats.

MANRS Actions outline simple but concrete actions network operators should take. Internet Exchange Points (IXPs) are important partners in the MANRS community. The MANRS Actions were initially designed for network operators, but IXPs can serve as a collaborative focal point to discuss and promote routing security. To address the unique needs and concerns of IXPs, the community created a related but separate set of MANRS actions for participating IXPs.

Malcolm Hutty, Head of Public Affairs at LINX says;

“MANRS is an important initiative for promoting best practices for routing security. LINX is pleased to support it, and to encourage others to follow its guidance, for all our protection”

Andrei Robachevsky from ISOC, which provides organisational support for the MANRS programme, will be presenting at the forthcoming LINX102 member event in Manchester next week.

For more information, please refer to the MANRS website www.manrs.org or contact publicaffairs@linx.net

ICANN protects .home, .mail and .corp from registration

By | DNS, Internet Governance, News

ICANN has announced that it will not delegate new top-level domains .home, mail and .corp, effectively turning these domains into reserved strings. The move acts to protect organisations that already use these domains to indicate IT resources on their own local network.

These three domains have been found to have been widely used by organisations for internal use, even though they are not available from ICANN.Numerous representations have been made to ICANN that delegating these domains would cause “string collision”, including by ICANN’s own Security and Stability Advisory Committee. String collision occurs when the same domain is used by different parties, recognised by different DNS resolver trees, meaning that the user may not be directed to the resource they expect. This can pose a risk of phishing fraud. String collision is normally considered a risk of a split DNS root (i.e. someone trying to usurp ICANN’s job), but can also occur when individual organisations make “private” use of an unregistered domain on their own network.

For example, if .corp were available for registrations then someone that registered fileserver.corp might receive traffic that users expected to go to a fileserver on their own corporate network – a clear security risk. By preventing these top level domains being delegated, ICANN has removed that threat from corporate networks already making use of them.